To any sophisticated user, the security of computer system hardware and software is important. Threats include both unauthorized use of systems and software, and, for software, the danger that the software application itself can be altered, hacked, or otherwise compromised.
These issues are also important to enterprises and employers, which must maintain the integrity of their systems, software, and data. Application software providers also have great interest in maintaining the integrity of their products, particularly when ongoing services are provided from a server system.
Typically, software applications are directly downloaded from the provider or a third party. In most cases, there is no means to verify the integrity of the initial download, much less to detect any alteration after installation.
Another significant security risk is present when a user of an application on a client data processing system accesses online data or services of a service provider. In this case, there is commonly some sort of user verification locally or on the server system, but not both, and where the local application can be compromised, the user verification may also be compromised.
There is, therefore, a need in the art for a system, process, and computer program product for validation and enforcement of software application security.